This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Danny
Champion
Champion
‎2021-10-11 11:40 PM

Gaia Health Check Script v7.17 released

Check Point released v7.17 of it's Gaia Health Check Script

Also available as SmartConsole Extension!

Script author: @Nathan_Davieau (LinkedIn profile)
QA Director: @Barak_Ran (LinkedIn profile)

What's new:

What's missing:

  • Endpoint Security and VPN Client versions check on Log Servers to warn if unsupported clients still connect (Plea)
  • Many checks listed in Check Points Professional Service health check (sample report)
  • USFW best practices checks as described in sk167052
  • Checks from Check Points performance investigation procedure (sk167553)
  • Check if updatable objects are present on gateway (sk121877)

Download

Package Link Date 
healthcheck.sh script v7.17 September 14th, 2021
 

Installation

nc -z -w 3 supportcenter.checkpoint.com 443; if [[ $? -eq 0 ]]; then curl_cli -o healthcheck.tmp -f -s -k "https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/media-type/html?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=59369"; l=`grep "HashKey" healthcheck.tmp | head -n1 | awk '{print $3}' | sed 's/href="//' | sed 's/">//'`; s=`echo $l | awk -F/ '{print $6}'`; curl_cli -o healthcheck.sh -f -s -k $l; if [[ `md5sum healthcheck.sh | cut -d " " -f1` == $s ]]; then chmod +x healthcheck.sh; ls -la healthcheck.sh; else echo "MD5 hash mismatch of Gaia healthcheck script. Aborting."; rm healthcheck.sh; fi; rm -f healthcheck.tmp; else echo "No HTTPS access to supportcenter.checkpoint.com for script download -> see sk83520"; fi
 

Sample Output - Security Management

 
Physical System Checks
Category Title Result
System Uptime OK
OS Edition OK
NTP NTP Daemon OK
Disk Space Free Disk Space INFO
Memory Physical Memory OK
Swap Memory OK
CPU CPU idle% OK
CPU user% OK
CPU system% OK
CPU wait% OK
CPU interrupt% OK
Interface
Statistics

 

 RX Errors OK
RX Drops OK
RX Missed Errors OK
RX Overruns OK
TX Errors OK
TX Drops OK
TX Carrier Errors OK
TX Overruns OK
Known Issues Issues found in logs WARN
FTW After Jumbo OK
Processes Zombie Processes OK
Process Restarts OK
Core Files Usermode Cores Present OK
Kernel Cores Present OK
Check Point CPInfo Build Number OK
CPUSE Build Number OK
Jumbo Version WARN
CP Version OK
Licensing Licenses OK
Contracts WARN
Debugs Active tcpdump OK
Active Debug Processes OK
CPM Debugs OK
TDERROR Configured OK
 
Security Management Checks
Category Title Result
Mgmt Status API OK
CPM OK
Configuration GUI Clients OK
1 Reply
MarcP
Explorer
‎2021-12-07 09:42 AM

Thanks so much for your continuous updates and improvements to the script! Much appreciated!

Of late I have noticed an issue that I thought I would raise with you. Let's say I have an R80.30 or R80.40 system and I use the "Blink" upgrade process to upgrade to R81 with latest JHF. After the upgrade the health check script flags a warning about the jumbo install before the FTW was completed. Wondering if this is something the script is picking up incorrectly or something with the Blink process that causes this. I have a support case opened and the recommendation is to re-run the FTW which seem to be a bit of an inconvenience. Appreciate hearing your thought on this.

Thanks!

0 Kudos